USRE49968EActiveUtility

Electronic identification verification methods and systems with storage of certification records to a side chain

95
Assignee: PING IDENTITY CORPPriority: Feb 6, 2017Filed: May 24, 2022Granted: May 14, 2024
Est. expiryFeb 6, 2037(~10.6 yrs left)· nominal 20-yr term from priority
G06Q 2220/00G06Q 50/265G06Q 30/018G06F 21/31G06Q 20/3827G06Q 20/38215G06K 7/1417G06Q 20/065H04L 9/0643H04L 9/3236H04L 9/3247H04L 9/3263H04L 9/3297G06F 7/588H04L 9/50H04L 9/3239
95
PatentIndex Score
4
Cited by
382
References
23
Claims

Abstract

Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method, comprising operations of:
 receiving data of a user at a certification device of a certifying entity; 
 generating a salt that is unique; 
 hashing the data combined with the salt to create a generated hashed data; 
 generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data; 
 hashing the certification record; 
 transmitting the hashed certification record to a blockchain for storing; 
 receiving a certification tx-ID of the hashed certification record; 
 generating a certification data block including the certification record and the certification tx-ID; 
 storing the certification data block to a side chains chain; 
 receiving a registration tx-ID of the data, wherein the registration tx-ID is generated from a the blockchain in response to receiving and storing a signed hash value of the data for registration, wherein the signed hash value is signed using a private key of the user, wherein the hash value of the data is generated using a registration hash algorithm; 
 retrieving the signed hash value of the data stored in the blockchain using the registration tx-ID; and 
 positively verifying that the generated hash value and the retrieved signed hash value is identical. 
 
     
     
       2. The method of  claim 1 , wherein the side chain is a private blockchain. 
     
     
       3. The method of  claim 1 , wherein the side chain is a public blockchain. 
     
     
       4. The method of  claim 1 , further comprising: receiving a side tx-ID of the certification data block from the side chain, wherein the side tx-ID includes a reference to the certification tx-ID of the blockchain. 
     
     
       5. The method of  claim 1 , further comprising: generating a second salt that is unique; hashing the signed certification of the data combined with the second salt; and storing the hash of the signed certification of the data combined with the second salt in the certification record. 
     
     
       6. The method of  claim 1 , further comprising:
 generating a second salt that is unique; 
 hashing the signed certification of the data combined with the second salt and combined with a public key of the certifying entity; and 
 storing the hash of signed certification of the data combined with the second salt and combined with the public key of the certifying entity in the certification record. 
 
     
     
       7. The method of  claim 1 , wherein the generating the certification record includes:
 generating a plurality of salts for a plurality of fields of the data; 
 for each field, hashing the corresponding field combined with a corresponding salt to create a corresponding generated hashed data of the field; 
 for each field, signing the corresponding generated hashed data of the field using the private key of the certifying entity; and 
 generating the certification record based on a plurality of signed certifications of the fields. 
 
     
     
       8. The method of  claim 1 , wherein the salt is random. 
     
     
       9. A method, comprising operations of:
 generating a plurality of certification data blocks, wherein the generating for each certification data block comprises:
 receiving data of a user at a certification device of a certifying entity; 
 generating a salt that is unique; 
 hashing the data combined with the salt to create a generated hashed data; 
 signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data that comprises a corresponding certification record; 
 hashing the corresponding certification record to generate a corresponding hashed certification record; 
 appending the corresponding hashed certification record to a list of hashes in a box car record; 
 receiving a corresponding box car tx-ID for the corresponding hashed certification record; 
 writing the corresponding certification data block and the corresponding box car tx-ID to a side chain; 
 receiving a registration tx-ID of the data, wherein the registration tx-ID is generated from a blockchain in response to receiving and storing a signed hash value of the data for registration, wherein the signed hash value is signed using a private key of the user, wherein the hash value of the data is generated using a registration hash algorithm; 
 retrieving the signed hash value of the data stored in the blockchain using the registration tx-ID; and 
 positively verifying that the generated hash value and the retrieved signed hash value is identical; 
 reaching a threshold of hashed certification records in the list of hashes; 
 hashing the list of hashes; 
 writing the hashed list of hashes to the blockchain; 
 receiving a list tx-ID from the blockchain; 
 writing the list tx-ID to the box car record; and 
 writing the box car record including the hashed list of hashes and the list tx-ID to the side chain. 
 
 
     
     
       10. The method of  claim 9 , wherein the threshold comprises a maximum number of hashed certification records in the list of hashes. 
     
     
       11. The method of  claim 9 , herein wherein the threshold comprises a period of time. 
     
     
       12. The method of  claim 9 , wherein the side chain is a private blockchain. 
     
     
       13. The method of  claim 9 , wherein the side chain is a public blockchain. 
     
     
       14. The method of  claim 9 , wherein the generating for each certification data block further comprises:
 generating a second salt that is unique; 
 hashing the signed certification of the data combined with the second salt and combined with a public key of the certifying entity; and 
 storing the hash of signed certification of the data combined with the second salt and combined with the public key of the certifying entity in the certification record. 
 
     
     
       15. The method of  claim 9 , wherein the salt is random. 
     
     
       16. A computer system comprising:
 a processor; and 
 memory coupled to the processor and having stored therein instructions that, if executed by the computer system, cause the computer system to execute a method comprising:
 receiving data of a user at a certification device of a certifying entity; 
 generating a salt that is unique; 
 hashing the data combined with the salt to create a generated hashed data; 
 generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data; 
 hashing the certification record; 
 transmitting the hashed certification record to a blockchain for storing; 
 receiving a certification tx-ID of the hashed certification record; 
 generating a certification data block including the certification record and the certification tx-ID; 
 storing the certification data block to a side chains chain; 
 receiving a registration tx-ID of the data, wherein the registration tx-ID is generated from a the blockchain in response to receiving and storing a signed hash value of the data for registration, wherein the signed hash value is signed using a private key of the user, wherein the hash value of the data is generated using a registration hash algorithm; 
 retrieving the signed hash value of the data stored in the blockchain using the registration tx-ID; and 
 positively verifying that the generated hash value and the retrieved signed hash value is identical. 
 
 
     
     
       17. The computer system of  claim 16 , wherein in the method the side chain is a private blockchain. 
     
     
       18. The computer system of  claim 16 , wherein in the method the side chain is a public blockchain. 
     
     
       19. The computer system of  claim 16 , wherein the method further comprises:
 receiving a side tx-ID of the certification data block from the side chain, wherein the side tx-ID includes a reference to the certification tx-ID of the blockchain. 
 
     
     
       20. The computer system of  claim 16 , wherein the method further comprises:
 generating a second salt that is unique; 
 hashing the signed certification of the data combined with the second salt; and 
 storing the hash of the signed certification of the data combined with the second salt in the certification record. 
 
     
     
       21. The computer system of  claim 16 , wherein the method further comprises:
 generating a second salt that is unique; 
 hashing the signed certification of the data combined with the second salt and combined with a public key of the certifying entity; and 
 storing the hash of signed certification of the data combined with the second salt and combined with the public key of the certifying entity in the certification record. 
 
     
     
       22. The computer system of  claim 16 , wherein the generating the certification record of the method further comprises:
 generating a plurality of salts for a plurality of fields of the data; 
 for each field, hashing the corresponding field combined with a corresponding salt to create a corresponding generated hashed data of the field; 
 for each field, signing the corresponding generated hashed data of the field using the private key of the certifying entity; and 
 generating the certification record based on a plurality of signed certifications of the fields. 
 
     
     
       23. The computer system of  claim 16 , wherein in the method the salt is random.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.